Listing of the Claims 



1 . (Previously presented) A method comprising: 

generating session information at a control node in response to a request from a 
client to access a system node and sending the session information to the client, the 
system node, and a data node if the client and system node satisfy at least one condition 
for accessing each other; 

receiving at the data node a request from the client to access the system node and a 
request from the system node to access the client; and 

establishing a first secure authenticated connection between the client and the 
system node via the data node based at least in part on the session information. 

2. (Previously presented) The method of claim 1, further comprising receiving at 
the control node a request from the client for the session information. 

3. (Previously presented) The method of claim 1, further comprising, prior to 
receiving the request from the client to access the system node, registering the system 
node with a control node. 

4. (Previously presented) The method of claim 1 further comprising, prior to 
receiving the request from the client to access the system node, providing a list of 
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registered system nodes to the client, wherein the system node is selected at the client 
from the list of registered system nodes. 

5. (Original) The method of claim 1, further comprising notifying the system node 
when a message is received from the client at the data node. 

6. (Previously presented) The method of claim 5, further comprising establishing 
a second secure authenticated connection between the system node and the data node. 

7. (Previously presented) The method of claim 6, further comprising sending the 
message from the data node to the system node over the second secure authenticated 
connection between the system node and the data node. 

8. (Previously presented) A computer program product encoding computer 
programs for executing on a control node and a data node a computer process, the 
computer process comprising: 

generating session information at the control node in response to receiving a 
request from a client to access a system node and sending the session information to the 
client, the system node, and the data node if the client and system node satisfy at least 
one condition for accessing each other; 

receiving at the data node a request from the client to access the system node and a 
request from the system node to access the client; and 
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establishing a first secure authenticated connection between the client and the 
system node via the data node based at least in part on the session information. 

9. (Original) The computer program product of claim 8 wherein the computer 
process at the control node further comprises registering the system node. 

10. (Previously presented) The computer program product of claim 8 wherein the 
computer process at the control node further comprises updating a client database at the 
control node with a dynamic network address for the system node on a recurring basis. 

1 1 . (Previously presented) The computer program product of claim 8 wherein the 
computer process at the data node further comprises: 

notifying the system node when a message is received from the client at the data 

node; 

establishing a second secure authenticated connection between the system node 
and the data node; and 

sending the message from the data node to the system node over the second secure 
authenticated connection between the system node and the data node. 

12. (Previously presented) A system for establishing a secure authenticated 
network connection between a client and a system node, comprising: 



4 



1 5007.91 5US02 



a control node linked to the client and the system node, the control node providing 
the client and the system node with session information if the client and system node 
satisfy at least one condition for accessing each other; and 

a data node communicatively coupled to the control node, the data node receiving 
a request from the client to access the system node and a request from the system node to 
access the client and establishing a first secure authenticated connection between the 
client and the system node via the data node based at least in part on the session 
information. 

13. (Original) The system of claim 12 wherein the session information includes at 
least a network address for the system node. 

14. (Original) The system of claim 12 wherein the session information includes at 
least a dynamic network address for the system node. 

15. (Original) The system of claim 12 wherein the session information includes a 
status of the system node. 

16. (Previously presented) The system of claim 12 wherein a second secure 
authenticated connection between the data node and the system node is established in 
response to the data node receiving a message from the client. 
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17. (Original) The system of claim 12 further comprising a client database 
operatively associated with the control node, the client database including a data structure 
identifying system nodes registered with the control node. 

18. (Original) The system of claim 17 wherein the data structure identifies 
authorized users of the system nodes registered with the control node. 

19. (Original) The system of claim 12 further comprising a session database 
operatively associated with the data node, the session database storing the session 
information received from the control node. 

20. (Previously presented) The system of claim 19 wherein the session 
information for a client session is removed from the session database when the client 
session ends. 
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